Internal Security Industry Spotlight: The Gas & Oil Sector

With an ever-growing reliance on technology to automate and simplify our private and business lives, the world has entered an era of cyber security attacks that are frighteningly easy to implement, globally impacting, and catastrophic in nature. While no sector fares well under siege of cyber criminals, attacks in the gas and oil industries can have apocalyptic results.

It doesn’t take any stretch of the imagination to envision the extensive global effects that could occur within moments of a petroleum plant falling into the hands of the wrong people. The world got a taste of this scenario in 2008 when a gas pipeline exploded inexplicably, dumping 30,000 barrels of oil into the water aquifer, costing BP $5 million per day, and interrupting transit for three weeks. The incident was a major security breach that caught the attention of high-profile intelligence agencies across the globe. Despite having surveillance cameras for every inch of the pipeline, not one warning signal was triggered, and nothing was caught on video or otherwise recorded.

This was no malfunction. According to investigators, “The main weapon…was a keyboard.” Cyber attacks are prevalent and devastating in nature, and the most frightening realization of all is that the vast majority of these incidents are due to internal threats.

Serious Consequences of a Cyber attack in These Sectors

Gas & Oil are one of the top categories hackers target most, second only to Power & Utilities by a mere 2%. The reason these sectors are hit most frequently is the potential damage that can be caused. Consider some of the consequences:

Plant sabotage

Unplanned or undetected spillage

Interruption in production of necessary resources or distribution of vital utilities

Facility terrorism

Hydrocarbon installation terrorism

And these threats could lead to global disaster within minutes. The Gas & Oil industries in particular need to safeguard specific areas including:

Pipelines, refineries, and tank farms

Office, production, and distribution buildings

Off-site utilities towers and plants

Telecom systems

Sensitive files and data

Exploration and production plants, lines, and mines

How Governments are Reacting to These Cyber Threats

Government agencies are not taking these serious threats to global safety lightly. In reaction to the massive outbreak of insider-triggered cyber-attacks, regulation guidelines have been enacted to keep a tighter watch on possible and developing risk factors. For example:

Chemical Facility Anti-Terrorism Standards (CFATS): These guidelines, enacted by Homeland Security, are used to identify and regulate high-risk chemical facilities so that dangerous substances are constantly monitored and have the necessary security measures in place at all times.

North American Electric Reliability Corporation – Critical Infrastructure Protection (NERC CIP): This critical infrastructure protection plan is made up of nine standards and 45 requirements that span the security spectrum to protect these sensitive industries on every level from cyber asset protection and personnel training to security management and planning for recovery after a disaster.

Additionally, the API, ISA/IEC, and INGAA standards have all been assessed and upgraded to ensure that maximum security measures are taken in these high-risk industries.

What Companies Can Do to Stay Safe

Given the substantial number of Gas and Oil executives with exposure to classified data, keeping internal systems secure poses a unique industry challenge. Here are some of the recommended security steps Gas and Oil companies should take to prevent the danger of insider tampering and hacks.

Access control

Implement a tiered access control system, granting high-risk data access only to those who have passed security clearance. The control of activities such as starting and stopping gas in a pipeline, or the daily functioning of an oil refinery should be given to top tier personnel only. These employees can then be more heavily monitored for inconsistent or suspicious behavior.

Assess problems

Install advanced security software to help identify system issues and issue an alert as soon as they arise. By carrying out a general sweep, software programs can help monitor: alarm system functioning, release point safety controls, backup systems, system authorization access and more.

Employee monitoring

Enlist the help of employee monitoring software to alert you to and preemptively block risky or suspicious user behavior. This is a particularly valuable security measure for preventing internal damage before data is accessed or leaked. Software programs such as these can be pre-programmed to automatically block or deny user access based on pre-defined security measures.

Securing Company Responsibility

With the Oil & Gas industries literally fueling much of our daily activities, the need to maintain internal security is a real and pressing one. Both governments and individual organizations need to take preemptive measures to avoid the costly ecological and economic damage incurred, should authorized company information, find its way into the wrong hands.

Isaac Kohen started his career in quantitative finance developing complex trading algorithms for a major Wall Street hedge fund. During his tenure at Wall Street and his subsequent experience securing highly sensitive data for large multi-national conglomerates, he identified the market need for a comprehensive insider threat and data loss prevention solution. And so, Teramind was born. Isaac is a well-recognized thought leader in the security industry with many of his articles published in Forbes, Inc, Tripwire, and CSO Online. Read more industry thought leadership articles on Isaac's LinkedIn.

Posts created: 209

Previous articleThe Lasting Effects of a Cyber Attack: A Farewell to NotPetya

Next articleThe Victim Click: The Psychology Behind Making Employees Click